As machine learning programs require ever-larger sets of data to train and improve, traditional central training routines creak under the burden of privacy requirements, inefficiencies in operations, and growing consumer skepticism. Liability information, such as medical records or payment history,…
Category: DZone Security Zone
Basic Security Setup for Startups
Preamble: I recently had a conversation with my friend about starting a new company. We discussed the various stages a company should go through to become mature and secure enough to operate in the modern market. This article will outline…
Digital Experience Monitoring and Endpoint Posture Checks Usage in SASE
In this article, I will go through the concepts of digital experience monitoring (DEM) and Endpoint Posture Checks and discuss how these essential capabilities are integrated into the SASE framework to enforce the zero trust principle. Together, these capabilities empower…
AI Readiness: Why Cloud Infrastructure Will Decide Who Wins the Next Wave
Everywhere I go, cloud and DevOps teams are asking the same question: “Are we ready for AI?” This article has been indexed from DZone Security Zone Read the original article: AI Readiness: Why Cloud Infrastructure Will Decide Who Wins the…
Why the Principle of Least Privilege Is Critical for Non-Human Identities
Attackers only really care about two aspects of a leaked secret: does it still work, and what privileges it grants once they are in. One of the takeaways from GitGuardian’s 2025 State of Secrets Sprawl Report was that the majority…
How to Build Secure Knowledge Base Integrations for AI Agents
Done well, knowledge base integrations enable AI agents to deliver specific, context-rich answers without forcing employees to dig through endless folders. Done poorly, they introduce security gaps and permissioning mistakes that erode trust. The challenge for software developers building these…
Your SDLC Has an Evil Twin — and AI Built It
You think you know your SDLC like the back of your carpal-tunnel-riddled hand: You’ve got your gates, your reviews, your carefully orchestrated dance of code commits and deployment pipelines. But here’s a plot twist straight out of your auntie’s favorite…
Deep Dive into Distributed File System Permission Management: Linux Security Integration
In multi-user environments with high-security requirements, robust permission controls are fundamental for resource isolation. Linux’s file permission model provides a flexible access control mechanism, ensuring system security through user/group permission settings. For distributed file systems supporting Linux, compliance with this…
Development of System Configuration Management: Summary and Reflections
Series Overview This article is Part 4 of a multi-part series: “Development of system configuration management.” The complete series:
From Data Growth to Data Responsibility: Building Secure Data Systems in AWS
Enterprise data solutions are growing across data warehouses, data lakes, data lakehouses, and hybrid platforms in cloud services. As the data grows exponentially across these services, it’s the data practitioners’ responsibility to secure the environment with secure guardrails and privacy…
Development of System Configuration Management: Performance Considerations
Series Overview This article is Part 3 of a multi-part series: “Development of system configuration management.” The complete series:
Protecting Non-Human Identities: Why Workload MFA and Dynamic Identity Matter Now
We’ve normalized multi-factor authentication (MFA) for human users. In any secure environment, we expect login workflows to require more than just a password — something you know, something you have, and sometimes something you are. This layered approach is now…
How AI and Machine Learning Are Shaping the Fight Against Ransomware
Ransomware remains one of the biggest threats to individuals and corporations, primarily because cybercriminals relentlessly look for loopholes. With traditional measures struggling to keep pace with cyber threats, the shift to artificial intelligence (AI) and machine learning (ML) can be…
Enhancing AI Privacy: Federated Learning and Differential Privacy in Machine Learning
Privacy-preserving techniques are keeping your data safe in the age of AI. In particular, federated learning (FL) keeps data local, while differential privacy (DP) strengthens individual privacy. In this article, we will discuss challenges associated with this, practical tools, and…
Security Concerns in Open GPTs: Emerging Threats, Vulnerabilities, and Mitigation Strategies
With the increasing use of Open GPTs in industries such as finance, healthcare, and software development, security concerns are growing. Unlike proprietary models, open-source GPTs allow greater customization but also expose organizations to various security vulnerabilities. This analysis explores real-world…
Securing LLM Applications: Beyond the New OWASP LLM Top 10
Have you heard of the new OWASP Top 10 for Large Language Model (LLM) Applications? If not, you’re not alone. OWASP is famous for its “Top 10” lists addressing security pitfalls in web and mobile apps, but few realize they’ve…
OWASP Top 10 Non-Human Identity Risks for 2025: What You Need to Know
The Open Worldwide Application Security Project, OWASP, has just released its top 10 non-human identities risks for 2025. While other OWASP resources broadly address application and API security, none focus specifically on the unique challenges of NHIs. This new document…
A Practical Guide to API Threat Analytics in Cloud Platforms
Any modern application is centered around APIs. They drive mobile applications, link business systems, and deliver new digital experiences. However, the convenience has its own risks — attackers often use APIs to break into systems. Basic security steps like authentication…
Blockchain-Based Authentication: The Future of Secure Identity Verification
Traditional authentication methods — passwords, centralized databases, and third-party identity providers — are plagued by security breaches, identity theft, and data privacy concerns. Blockchain-based authentication offers a decentralized, tamper-proof, and more secure alternative. In this deep dive, we’ll explore:…
Probably Secure: A Look at the Security Concerns of Deterministic vs Probabilistic Systems
Would you rather have determined that you are in fact secure, or are you willing to accept that you are “probably” doing things securely? This might seem like a silly question on the surface, after all, audits don’t work on…